 package com.gmrz.uaf.policy.verification;
 
 import com.gmrz.uaf.protocol.v1.processor.exception.UAFErrorCode;
 import com.gmrz.uaf.protocol.v1.schema.AuthenticatorSpec;
 import com.gmrz.uaf.protocol.v1.schema.MatchCriteria;
 import com.gmrz.uaf.protocol.v1.schema.Policy;
 import java.util.Collection;
 import java.util.List;
 import java.util.Map;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
 class PolicyVerificationUtil
 {
   private static final Logger LOG = LogManager.getLogger(PolicyVerificationUtil.class);
 
   static void verifyInputs(List<?> assertions, Map<String, AuthenticatorSpec> specMap, Policy policy) throws PolicyVerificationException {
     if (isEmpty(assertions)) {
       throw new PolicyVerificationException(UAFErrorCode.SYS_POLICY_VERIFICATION_FAILED, "Cannot process null/empty assertion");
     }
 
     if ((specMap == null) || (specMap.isEmpty())) {
       throw new PolicyVerificationException(UAFErrorCode.SYS_POLICY_VERIFICATION_FAILED, "Cannot process null/empty authenticator specs map");
     }
 
     if (policy == null) {
       throw new PolicyVerificationException(UAFErrorCode.SYS_POLICY_VERIFICATION_FAILED, "Cannot process null policy");
     }
 
     List acceptedMatchCriteria = policy.getAccepted();
 
     if ((acceptedMatchCriteria == null) || (acceptedMatchCriteria.isEmpty()))
       throw new PolicyVerificationException(UAFErrorCode.SYS_POLICY_VERIFICATION_FAILED, "Accepted MatchCriteria cannot be null or empty");
   }
 
   static boolean isEmpty(Collection coll)
   {
     return (coll == null) || (coll.isEmpty());
   }
 
   static AuthenticatorSpec getAuthenticatorSpecForAAID(String aaid, Map<String, AuthenticatorSpec> specMap) throws PolicyVerificationException {
     if ((aaid == null) || (aaid.isEmpty())) {
       throw new PolicyVerificationException(UAFErrorCode.SYS_POLICY_VERIFICATION_FAILED, "AAID cannot be null or empty");
     }
     if ((specMap == null) || (specMap.size() == 0)) {
       throw new PolicyVerificationException(UAFErrorCode.SYS_POLICY_VERIFICATION_FAILED, "AuthenticatorSpec is not available in the spec map");
     }
 
     AuthenticatorSpec spec = specMap.get(aaid);
 
     if (spec == null) {
       throw new PolicyVerificationException(UAFErrorCode.SYS_POLICY_VERIFICATION_FAILED, "Authenticator spec is not available");
     }
     return spec;
   }
 
   static boolean containsIntegerInList(List<Integer> integerList, int element) {
     for (Integer value : integerList) {
       if ((value != null) && (value.intValue() == element)) {
         return true;
       }
     }
     return false;
   }
 
   static boolean containsStringInList(List<String> stringsList, String element) {
     for (String value : stringsList) {
       if ((value != null) && (value.equalsIgnoreCase(element))) {
         return true;
       }
     }
     return false;
   }
 
   static boolean checkAuthenticatorVersion(MatchCriteria matchCriteria, String assertionAAID, int authenticatorVersionInAssertion) throws PolicyVerificationException {
     if ((matchCriteria == null) || (assertionAAID == null))
     {
       throw new PolicyVerificationException(UAFErrorCode.SYS_POLICY_VERIFICATION_FAILED, "Policy matching failed. Unhandled usage");
     }
     if ((matchCriteria.getAAID() != null) && (matchCriteria.getAAID().size() == 1) && 
       (assertionAAID.equals(matchCriteria.getAAID().get(0)))) {
       LOG.debug("Matching the authenticator Version in assertion and match criteria for AAID : {} ", assertionAAID);
 
       if (authenticatorVersionInAssertion < matchCriteria.getAuthenticatorVersion().intValue()) {
         LOG.debug("Validation of the Authenticator version (in assertion): {} failed against authentication version(in matchCriteria) : {} ", Integer.valueOf(authenticatorVersionInAssertion), matchCriteria.getAuthenticatorVersion());
         return false;
       }
 
     }
 
     return true;
   }
 }
